...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Journal of software maintenance and evolution rsearch and practice >Cybersecurity in safety‐critical systems
【24h】

Cybersecurity in safety‐critical systems

机译:关键安全系统中的网络安全

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

2016 saw cybersecurity standards appear in both automotive and medical devicernindustries. Both standards are understandably based on processes that already existrnin the respective industries. The automotive J3061~1 standard is very much focussedrnon existing categories for defining the cybersecurity threats, ie, systems, hardwarernand software. Cybersecurity is very much a multifaceted topic, and by restrictingrnthe scope to these 3 subject areas there is the risk that many significant threats couldrnbe overlooked, in particular the malicious acts of employees within an organisation.rnThe medical cybersecurity report AAMI TIR 57~2 takes the approach based on ISOrn14971~3 the medical device risk management standard, which encourages a morernopen‐minded approach to evaluating cybersecurity threats. Both of these documents,rnwhich are discussed in this paper, are short of practical examples or techniques forrnassessing and mitigating threats; the topic is handled in a more theoretical manner.rnKey issues such as trojan circuits in microcontrollers are not well represented in eitherrndocument. Generally, software topics such as authentication and encryption are givenrngood coverage in international standards; however, this not the case when reviewingrnhardware concerns. Both TIR 57 and J3061 are good starting documents for the topicrnof cybersecurity, but both could benefit from expansion to cover the wider topicsrnaffecting cybersecurity.
机译:2016年,汽车和医疗设备行业都出现了网络安全标准。可以理解,这两个标准都是基于各自行业中已经存在的流程。汽车J3061〜1标准非常集中于现有的定义网络安全威胁的类别,即系统,硬件和软件。网络安全是一个非常多方面的主题,并且通过将范围限制在这三个主题领域中,存在许多重要威胁可能被忽略的风险,尤其是组织内部员工的恶意行为。医疗网络安全报告AAMI TIR 57〜2将该方法基于ISOrn14971〜3医疗设备风险管理标准,该方法鼓励采取更加开放的态度来评估网络安全威胁。本文讨论的这两个文档都缺少用于评估和缓解威胁的实际示例或技术。该主题是以更理论性的方式处理的。在两个文档中都没有很好地表示出诸如微控制器中的特洛伊木马电路之类的关键问题。通常,认证和加密等软件主题在国际标准中给予了很好的覆盖。但是,在审查硬件问题时并非如此。 TIR 57和J3061都是有关网络安全主题的良好入门文档,但是它们都可以从扩展范围内受益,以涵盖影响网络安全的更广泛主题。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号